How to secure your e-mail under Mac OS X and iOS 5 with S/MIME

As one of the oldest applications of the Internet, e-mail has never been known for having top-notch security. This reputation isn't completely undeserved: even today, anyone who knows how to bring up the preferences of a mail program can send out messages with any "From:" address they please. Ironically, such forged messages may travel to and from mail servers over encrypted connections. This helps make sure that nosy types with big WiFi antennas don't get to see your mail or passwords, but it doesn't keep your mail safe from equally nosy mail server admins—or subpoenas by nosy governments.

But not all hope is lost for e-mail. Secure/Multipurpose Internet Mail Extensions (S/MIME) can secure your mail by encrypting a message at the source and only decrypting it once it's in the hands of the receiver. S/MIME also supports digital signatures, so you can know for sure who sent the message and that it wasn't changed in transit. (Big caveat: the nosy governments could still be in cahoots with the certificate authorities, so we make no promises there.)

In the past, we've written about GPGMail, a plug-in that lets Apple's Mail.app use GNU GPG encryption. Unfortunately, GPG is a pretty unwieldy system and GPGMail could take a very long time to be updated for a new Mac OS X release. (There is currently a stable version available for Snow Leopard and an alpha version for Lion.)

The advantage of S/MIME is that it's built into Mail on the Mac and, as of last week, also in iOS. (I've only tried this using iOS 5 on an iPhone 4, but I assume things work much the same on iPads and iPod touches.)

GPG and S/MIME use the same underlying technology: public key encryption. Every user has two keys, a public one and a private one. The public key can be used by anyone to encrypt messages or check signatures, while only the private key allows decrypting messages encrypted with the matching public key and creating signatures. Key and trust management, however, is very different: with GPG, this is done in a decentralized fashion, while S/MIME requires obtaining a certificate from a certificate authority.

Receiving signed messages

The good news is that because your computer or iDevice already knows many of these certificate authorities, it can check signatures without the need for additional information. If you receive a signed e-mail, Mail will show a "Security" line in the mail headers—as long as you haven't hidden all headers—with a checkmark icon and the name of the person who signed the message. (Note that most certificate authorities only check the e-mail address, not the name of the person requesting a certificate.) If something is wrong with the certificate or the message was changed after it was signed, Mail displays a big yellow banner telling you there is a problem. Click on the checkmark icon to see the sender's certificate.

For some strange reason, Apple has chosen not to indicate that a message was signed in the standard configuration under iOS. To enable this feature, you have to go into Settings > Account > Advanced for each e-mail account and then enable S/MIME. (Be careful not to tap "cancel" when navigating back through the menus.) The iOS Mail application will then show a little checkmark after the sender's name if a message was signed. If there is a problem, the name is shown in red followed by a question mark. A common reason for signature failures is people using self-signed certificates or using CAcert, which isn't considered a trusted authority by Apple and others. You can tap a name to see more information.

That's all there is to receiving signed messages. But if you want to be able to sign messages yourself and receive encrypted ones, you need a certificate.

The certificate

S/MIME or e-mail certificates are cheap (or even free), but that means that the certificate authority only checks whether the person requesting a certificate is actually in control of the e-mail address in question, with no actual identity checking. Because these certificates are so cheap, not all certificate vendors bother with them or, if they do, they don't give this service prominent placement. I purchased a certificate that's valid for a year from VeriSign for $20. They also offer a 60-day free trial; just leave the payment information empty in order to do this. After jumping through a hoop or two, I ended up with a .p7s file on my system, which can be opened with the Keychain Access utility. This will install the file in your keychain so Mail can use it.

From Keychain Access, you can then also export the certificate as a password-protected .p12 file for installation on your iOS device. The proper way to do that is probably using the iPhone Configuration Utility, but mailing the file to yourself—or storing it in a draft mail message on the mail server—is a lot simpler. Opening the file will make iOS install the certificate. In my case, it said the cert was untrusted at first, for reasons that I couldn't determine.

The Mac

Once you've installed a certificate under Mail on the Mac, you can then compose a message with a From: address that matches the e-mail address in the cert. Here, you have the option of encrypting and/or signing your new message. Encryption is toggled using a lock icon and signing with a checkmark icon. Note that these settings carry over to subsequent messages. Signing requires access to your private key, so depending on your keychain settings, you may have to type your password. Encrypting, on the other hand, (only) requires the certificate of the person you're e-mailing. Mail automatically adds all the certificates found in signed messages you've received to your keychain. So if you don't have someone's cert, just ask them to send you a signed message.

iOS

Under iOS, there is no way to toggle signing and encryption on a per-message basis. Instead, you enable (or disable) these functions in the S/MIME settings for each account. Additionally, iOS doesn't automatically remember the certs of people who have e-mailed you. It's not even smart enough to pick up the cert from a signed message you're replying to. Instead, when someone has sent you a signed message, you have to tap their name and then you can install their certificate for future use. If you try to send a message to someone you don't have a certificate for while encryption is enabled, their name turns red to alert you to the problem. A lock icon indicates that a message was encrypted.

The Comodo and DigiNotar incidents have shown that authority-based security has its limitations, but it's still much better than trusting random mail headers. So turn on S/MIME on your iPhone to enable signature checking, and consider signing your business e-mail. Hopefully at some point big business will also catch on and start sending signed mail so we can finally tell legit messages from misspelled fishing.

Iljitsch van Beijnum / Iljitsch is a contributing writer at Ars Technica, where he contributes articles about network protocols as well as Apple topics. He is currently finishing his Ph.D. work at the telematics department at Universidad Carlos III de Madrid (UC3M) in Spain.